On 19.07.2014 17:19, Julien Cristau wrote: > Control: tags -1 confirmed > > On Sat, Jul 19, 2014 at 13:51:46 +0200, Julian Taylor wrote:... >> I would like to update ipython in wheezy to fix CVE-2014-3429 >> It is a remote execution flaw via cross origin websockets, but one >> requires a uuid from the process in order to make use of it so it was >> decided by the security team that its severe enough for a DSA. > > Missing "not"?
yes, its not severe enough. > >> But it should stil be fixed in stable just in case. >> >> See this page for details of the issue: >> http://lambdaops.com/cross-origin-websocket-hijacking-of-ipython > > With one comment below, and assuming this has been tested in a wheezy > environment, feel free to upload. thanks fixed and uploaded with a slightly better changelog message. -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/53caaf2a.10...@ubuntu.com
